public-pentesting-reports
asciinema
Our great sponsors
public-pentesting-reports | asciinema | |
---|---|---|
27 | 103 | |
8,074 | 13,121 | |
- | 1.7% | |
5.4 | 9.6 | |
3 days ago | 7 days ago | |
HTML | Rust | |
- | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
public-pentesting-reports
-
Yet another eCPPTv2 Review
You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.
-
Reporting question
As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.
-
Redteam sanitized report
I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.
-
Wanting to get into to security
A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.
- Penetration testing reports
-
Information to include when writing a Pentesting Report
If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports
-
What is a good way to evaluate a pentesting agency?
For good examples, look here. I'd do a test with most of the firms on that list.
- I need help with a pentest report :(
- How often do you communicate with non-technical people in this field?
-
Log4j: The Pain Just Keeps Going and Going
I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.
Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports
asciinema
-
Asciinema 3.0 will be rewritten in Rust
Incorrect link. Just goes to the list of open requests.
Here is a ticket which mentor the rust rewrite, perhaps this was what was intended: https://github.com/asciinema/asciinema/pull/579
-
Ask HN: Who wants to be hired? (February 2024)
Location: Europe
Remote: Yes
Willing to relocate: No
Technologies: Rust, Elixir, Nix(OS), WASM, AWS
Résumé/CV: Available upon request
Github: https://github.com/ku1ik
Open-source: creator of https://asciinema.org, contributor and maintainer of many other projects (see Github profile)
Email: hnhire /at/ defn /dot/ 33mail /dot/ com
20 years of professional experience. I enjoy anything backend related, e.g APIs, profiling and solving performance problems, building high performance, low-latency network solutions, among many other things.
-
[2023 Day 8 (Part 2)] The slot machine way!
This might be a good usecase for https://asciinema.org/
- Asciinema: Record and share your terminal sessions, the simple way
-
Show HN: Hackreels – Animate your code in HD
I do quite a lot of this kind of stuff for my job. Some context that may be useful.
Often the full IDE is needed. I record a lot of gifs of VSCode, where part of the gif is typing code, part is interacting with the rest of the IDE / terminal - perhaps to run the code and view the output.
For me the killer app would be one which could pre-record keystrokes (and maybe mouse actions) so that I could do them error free. I often attempt a gif 10 times before I'm happy with the outcome.
I don't personally love the transition animation. I would want the option for something that seems like it's being typed.
The closest tools I've found are:
Typewriter VSCode extesion: Allows you to copy text and then "types" it out for you. https://marketplace.visualstudio.com/items?itemName=dansilve...
Ascii Cinema: https://asciinema.org/
- Short form video
-
Rsh: Ruby SHell
but it seems pretty popular for this kind of screen recording.
What are some alternatives?
OSCP-Exam-Report-Template-Markdown - :orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
terminalizer - 🦄 Record your terminal and generate animated gif images or share a web player
CherryTree - cherrytree
TabNine - AI Code Completions
writehat - A pentest reporting tool written in Python. Free yourself from Microsoft Word.
nerd-fonts - Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
tmux-logging - Easy logging and screen capturing for Tmux.
asciinema-player - Web player for terminal session recordings
Serpico - SimplE RePort wrIting and COllaboration tool
telescope-repo.nvim - 🦘 Jump into the repositories (git, mercurial…) of your filesystem with telescope.nvim, without any setup